![]() “Upon opening the malicious '.MHT' file locally it should launch Internet Explorer. ![]() “ example, a request for "c:\Python27\NEWS.txt" can return version information for that program,” Page explains. To initiate the exploit, a user simply needs to open an attachment received by email, messenger, or other file transfer service. MHT format, so when a PC user attempts to access this file Windows opens IE by default. ![]() MHT files, which is the file format used by Internet Explorer for its web archives. “This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information.”īasically, what this means is that hackers are taking advantage of a vulnerability using. “Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted. It just needs to exist on their computer. The craziest part: Windows users don’t ever even have to open the now-obsolete web browser for malicious actors to use the exploit. Security researcher John Page has discovered a new security flaw that allows hackers to steal Windows users’ data thanks to Internet Explorer. Finally stopped using Internet Explorer? Good! But, now it’s time to completely delete it from your computer, too.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |